419c20d586c370ceec8ece21c0cfe5a2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

419c20d586c370ceec8ece21c0cfe5a2_JaffaCakes118
Size

392KB
MD5

419c20d586c370ceec8ece21c0cfe5a2
SHA1

c2ab8bb46a9c5e1e124011b4e8250a8f7134f893
SHA256

47c250f3d0e3588a3b2aecff14f30477895664882e48f4a1ee1e8f86e5516316
SHA512

45611a2bb17c06fc761147042af6ae4dca8c6e39a8d22db1d65005e946fc468ea6af6dc2953258c158847b4280b29f01b16e3ed26adaba4473dcfde4e47d160e
SSDEEP

6144:jreWYaIe2GU/hIhAzMA1ugP11KAsoEIto7V+fkCoUt3Hd:jnYaIejUlzj1ugNg5oEItGU/5Hd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
419c20d586c370ceec8ece21c0cfe5a2_JaffaCakes118

Files

419c20d586c370ceec8ece21c0cfe5a2_JaffaCakes118
.dll windows:4 windows x86 arch:x86

1575d2ec22f9f55765ece125b14bce31

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\bld_Sedona\R91_21\drivers\ui\Sedona\Sedona\Release\bin\nvExpBar.pdb

Imports

comctl32

ImageList_Draw
ImageList_GetIconSize
ImageList_Create
ord17
ImageList_Add

winmm

PlaySoundW

msimg32

AlphaBlend

gdiplus

GdiplusShutdown
GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromStreamICM
GdiplusStartup
GdipDisposeImage
GdipAlloc
GdipFree
GdipCloneImage
GdipCreateBitmapFromStream

kernel32

EnterCriticalSection
Sleep
GetCurrentThreadId
SetThreadLocale
GetUserDefaultLCID
WaitForSingleObject
CreateThread
CreateEventW
GetCurrentThread
DeleteCriticalSection
InitializeCriticalSection
lstrcmpiW
GetVersionExW
LoadLibraryW
DisableThreadLibraryCalls
FreeLibrary
ExpandEnvironmentStringsW
GetProcAddress
MulDiv
GetThreadLocale
WideCharToMultiByte
FreeResource
LoadLibraryExW
GetStringTypeA
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetCPInfo
GetDateFormatA
GetTimeFormatA
LeaveCriticalSection
RtlUnwind
WriteFile
UnhandledExceptionFilter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetCurrentProcess
TerminateProcess
ExitProcess
LCMapStringW
LCMapStringA
VirtualQuery
GetSystemInfo
VirtualProtect
TlsGetValue
TlsSetValue
TlsFree
GetLastError
SetLastError
TlsAlloc
HeapReAlloc
VirtualAlloc
FatalAppExitA
VirtualFree
HeapCreate
HeapDestroy
GetModuleHandleA
GetVersionExA
GetCommandLineA
HeapAlloc
HeapFree
SetEvent
GetExitCodeThread
CloseHandle
SetEnvironmentVariableA
MultiByteToWideChar
IsBadReadPtr
IsBadWritePtr
lstrlenW
GetModuleHandleW
FindResourceW
SizeofResource
LoadResource
LockResource
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
GetStringTypeW
GetACP
GetOEMCP
LoadLibraryA
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
SetConsoleCtrlHandler
GetTimeZoneInformation
HeapSize
GetLocaleInfoW
CompareStringA
CompareStringW
InterlockedExchange

user32

LoadStringA
wsprintfW
UnregisterClassW
RegisterClassExW
PostThreadMessageW
CreateDialogParamW
SetWindowRgn
GetDlgItem
LoadStringW
GetKeyState
GetForegroundWindow
SetForegroundWindow
GetFocus
GetSystemMetrics
ShowScrollBar
SetScrollInfo
UpdateWindow
AttachThreadInput
EnumChildWindows
SendMessageTimeoutW
MsgWaitForMultipleObjects
TranslateMessage
PeekMessageW
DispatchMessageW
ClientToScreen
CreateWindowExW
DestroyWindow
GetSysColorBrush
IsWindow
GetDlgCtrlID
IsWindowEnabled
SetWindowLongW
BeginPaint
EndPaint
ScreenToClient
LoadCursorW
SetCursor
TrackMouseEvent
SetFocus
SetCapture
ReleaseCapture
DefWindowProcW
GetParent
DrawFrameControl
GetSysColor
DrawFocusRect
GetWindowTextW
DrawTextExW
PtInRect
GetCapture
InvalidateRect
SetWindowPos
ShowWindow
IsWindowVisible
GetClassNameW
GetWindowRect
GetWindowLongW
SendMessageW
FillRect
GetClientRect
GetScrollInfo
LoadImageW
GetDC
ReleaseDC
PostMessageW

gdi32

BitBlt
DeleteDC
GetObjectW
CreateDIBitmap
CreateDIBSection
DeleteObject
SetTextColor
SelectObject
LineTo
MoveToEx
CreatePen
CreateFontIndirectW
GetStockObject
SetBkColor
DPtoLP
GetDeviceCaps
GetDIBColorTable
EnumFontFamiliesW
GetTextExtentPoint32W
CreateCompatibleDC
CreateSolidBrush
CreateCompatibleBitmap
GetTextFaceW
SetBkMode
GetTextMetricsW

advapi32

RegQueryValueExW
RegOpenKeyExW
RegOpenKeyW
RegCloseKey

ole32

CreateStreamOnHGlobal

Exports

Exports

CloseThemeData
DrawThemeBackground
DrawThemeEdge
DrawThemeIcon
DrawThemeParentBackground
DrawThemeText
EnableThemeDialogTexture
EnableTheming
GetCurrentThemeName
GetThemeAppProperties
GetThemeBackgroundContentRect
GetThemeBackgroundExtent
GetThemeBackgroundRegion
GetThemeBool
GetThemeColor
GetThemeDocumentationProperty
GetThemeEnumValue
GetThemeFilename
GetThemeFont
GetThemeInt
GetThemeIntList
GetThemeMargins
GetThemeMetric
GetThemePartSize
GetThemePosition
GetThemePropertyOrigin
GetThemeRect
GetThemeString
GetThemeSysBool
GetThemeSysColor
GetThemeSysColorBrush
GetThemeSysFont
GetThemeSysInt
GetThemeSysSize
GetThemeSysString
GetThemeTextExtent
GetThemeTextMetrics
GetWindowTheme
HitTestThemeBackground
IsAppThemed
IsThemeActive
IsThemeBackgroundPartiallyTransparent
IsThemeDialogTextureEnabled
IsThemePartDefined
OpenThemeData
SetThemeAppProperties
SetWindowTheme
g_sEBI

Sections

.text
Size: 188KB - Virtual size: 185KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dllshar
Size: 4KB - Virtual size: 265B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1575d2ec22f9f55765ece125b14bce31

Headers

File Characteristics

PDB Paths

Imports

comctl32

winmm

msimg32

gdiplus

kernel32

user32

gdi32

advapi32

ole32

Exports

Exports

Sections

.text Size: 188KB - Virtual size: 185KB

.rdata Size: 20KB - Virtual size: 16KB

.data Size: 24KB - Virtual size: 29KB

.idata Size: 8KB - Virtual size: 7KB

.dllshar Size: 4KB - Virtual size: 265B

.rsrc Size: 132KB - Virtual size: 131KB

.reloc Size: 12KB - Virtual size: 10KB

.text
Size: 188KB - Virtual size: 185KB

.rdata
Size: 20KB - Virtual size: 16KB

.data
Size: 24KB - Virtual size: 29KB

.idata
Size: 8KB - Virtual size: 7KB

.dllshar
Size: 4KB - Virtual size: 265B

.rsrc
Size: 132KB - Virtual size: 131KB

.reloc
Size: 12KB - Virtual size: 10KB